Please be
aware of common scams and phishing attempts. If you receive
an email from us asking for any personal information, please
do not respond via email, but call us at 319-373-5400 or
email us at customerhelp@heritagemarion.bank to report the
request.

Be especially wary if you receive any email,
text, or voicemail that appears to be coming from Heritage
Bank and asks you for your credentials such as log on
information or account information or social security
information. Make it a standard procedure to call us at
319-373-5400 or email us at customerhelp@heritagemarion.bank
if you get a request before you act on it.

A common
phishing scam is an email to you that may appear to be from
us asking you to click a link and log on to update your
personal information. If you hover your cursor over a link
provided it will show a hover link that is different from
the one in the text. This is a sure sign that it is a
fraudulent link. If you are directed to a web page, the logo
and buttons might look similar to ours but it is likely a
pixelated screen copy. When browsing to the bank website it
should read https://www.heritagemarion.bank or
https://heritagemarion.bank as the first part of the address
line. Pay particular attention to the 'https' in the
address.

Read your email carefully. The ‘from’ address
should always end in @heritagemarion.bank. The '.bank' domain
extension
cannot be registered by any entity other than a bank and is
a safeguard and security feature of our bank.

If you
receive an email from any email address without the .bank
domain designation that has any of our bank
information or name in it report it to us immediately.

As a note, scam emails usually can be quickly identified by
the following:

The message is poorly written with
obvious grammatical errors.

Awkward sentence structure.
It may seem to be written by someone with English as a
second language or a computer program.

Statement that
your “account has been compromised”

Urgent request to
update your information. Immediate attention is required or
your account will be closed.

If an email contains
attachments you are not expecting, do not open them.
Attachments can contain malware or viruses that could infect
your system.

If you suspect or can confirm that
you’ve been phished, it’s best to report the attempt
directly to the person or organization being spoofed. You
can also contact the
Federal Trade
Commission (FTC) to lodge a complaint. Once completed,
delete the email, then empty your trash or delete the text

.
Run a complete virus/malware scan of your system
immediately.

More information can be found
regarding scams, phishing (and its variations), and identity
theft by following these links: